Please fill in the form below to subscribe to our blog

The Week in Breach News: 01/26/22 – 02/01/22

February 02, 2022

International tensions ratchet up nation-state cybercrime fears in a spate of incidents, another rough week for De Fi and 6 points to use when selling your clients on security awareness training.  


Get ready to pack your bags for Connect IT 2022! Join us June 20-23 in Las Vegas for the industry’s premier event! REGISTER NOW>>



Advocates

https://www.scmagazine.com/analysis/breach/68k-affected-by-data-theft-sophisticated-network-hack-of-nonprofit-advocates

Exploit: Hacking

Advocates: Health & Social Services Non-Profit

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.727= Severe

Advocates announced that it had been the victim of a cyberattack. A hacker gained access to the organization’s network in mid-September 2021. The attacker gained access to data tied to 68,000 clients served by Advocates and likely copied the data. The Massachusetts-based non-profit provides a range of services for individuals with autism, brain injuries, mental health, addiction, and other health conditions. Advocates is cooperating with the ongoing FBI investigation.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.603= Severe

Current and former clients of Advocates are at risk of having their data exposed in this incident. The stolen data included names, contacts, Social Security numbers, dates of birth, client identification numbers, health insurance information, diagnoses and treatments. All impacted individuals will receive free credit monitoring and identity theft protection services.

Customers Impacted: 68,000

How It Could Affect Your Customers’ Business: Companies that store large quantities of personal or medical information are prime targets for the bad guys.

ID Agent to the Rescue: Cybersecurity horrors lurk around every corner, lying in wait for unwary organizations. Learn how to defeat them in our eBook Monsters of Cybersecurity. DOWNLOAD IT NOW>>


Senate of Puerto Rico

https://abcnews.go.com/International/wireStory/official-puerto-ricos-senate-targeted-cyberattack-82495236

Exploit: Hacking

Senate of Puerto Rico: State Legislative Body 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.223 =Severe

Puerto Rico’s Senate announced Wednesday that it was the target of a cyberattack that disabled its internet provider, phone system and official online page Senate President José Luis Dalmau said in a statement that there is no evidence that hackers were able to access sensitive information belonging to employees, contractors or consultants, although the incident is still under investigation. 

Individual Impact: No specifics about any consumer/employee PII or financial data loss were available at press time.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business Cyberattacks o government agencies have been ramping up in recent months without the impetus of added tension in Eastern Europe.

ID Agent to the Rescue: Share The Computer Security To-Do List with your clients to help them find vulnerabilities and you’ll start profitable conversations! DOWNLOAD IT>>


Kings County Public Health Department 

https://portswigger.net/daily-swig/california-public-office-admits-covid-19-healthcare-data-breach

Exploit: Misconfiguration

Kings County California Public Health Department: Local Government Agency

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.711= Moderate

Kings County, California announced that the security flaw in its public webserver made limited information on COVID-19 cases available on the internet. The misconfiguration has been chalked up to a negligent third-party contractor. Discovered in mid-November 2021, officials say that the flaw was in place starting on February 15, 2021, and was corrected on December 6, 2021.

cybersecurity news represented by a gauge indicating moderate risk

Individual Risk: 2.701= Moderate

In a statement, the county said that names, dates of birth, addresses and COVID-related health information for county COVID-19 cases was among the data that was available to view. They’ve set up a dedicated call center to answer questions from the public.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business Misconfiguration incidents due to employee or contractor negligence are just as expensive and damaging as cybercrime when regulators get finished with companies that have them.

ID Agent to the Rescue:  Building cyber resilience helps insulate organizations from trouble like this. Learn more about why cyber resilience is the ticket to a safer future for your clients. GET THIS EBOOK>>  




Canada – Global Affairs Canada

https://www.bleepingcomputer.com/news/security/canadas-foreign-affairs-ministry-hacked-some-services-down/

Exploit: Hacking

Global Affairs Canada: National Government Agency

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.719 = Severe

Global Affairs Canada (GAK) Canada’s foreign affairs ministry has announced that it was the victim of an unnamed cyberattack on January 19, 2022. The Treasury Board of Canada Secretariat (TBS), Shared Services Canada, and Communications Security Establishment confirmed the incident in a joint statement. GAC says that critical services remain accessible, but some online services are unavailable as the recovery efforts continue. No information has been released about the identity of the attackers or the specific attack type, a subject of interest at a time of heightened risk for nation-state cyber activity.

Individual Impact: No specifics about any consumer/employee PII or financial data loss were available at press time.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business Organizations should keep in mind the fact that the preferred weapon of nation-state cybercriminals is ransomware.

ID Agent to the Rescue: Help your clients stay safe from the most common delivery system for ransomware, a phishing message, with our Can You Spot the Phishing Email? infographic! DOWNLOAD IT>>


Don’t let roadblocks trap you in the slow lane. Learn to overcome obstacles and put your MSP on the road to prosperity fast. SEE HOW>>



United Kingdom – Qubit Finance

https://therecord.media/qubit-finance-platform-hacked-for-80-million-worth-of-cryptocurrency/

Exploit: Hacking

Qubit Finance: De Fi Platform

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.204= Extreme

A threat actor has stolen approximately $80 million from Qubit Finance after exploiting a flaw in the De Fi platform. Qubit said the attacker was able to steal 206,809 Binance coins (BNB) from its wallet on January 27, 2022. The hacker used a vulnerability in one of its Ethereum blockchain contracts to do the deed. The company has issued a public plea for the threat actor to return the stolen funds, asking them to get in contact with its team to “disclose the bug and receive a bounty reward”. This is sometimes used as a means of circumventing legal trouble for paying a ransom.

Individual Impact: No information about exposed customer personal or financial data was available at press time.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business DeFi has been buried under an avalanche of cybercrime lately and there doesn’t appear to be an end in sight.

ID Agent to the Rescue Find and slay dastardly vulnerabilities in your clients’ security strategy and emerge victorious with the Cybersecurity Monster Hunter’s Checklist! GET IT>>


France – Ministry of Justice (Chancellerie) 

https://www.securityweek.com/french-ministry-justice-targeted-ransomware-attack

Exploit: Ransomware

Ministry of Justice: National Government Agency

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.876 = Moderate

An outfit that identifies themselves as LockBit 2.0 posted a message on their dark web leak site claiming to have hit the French Ministry of Justice’s systems, making off with data. The hackers did not specify what data was stolen or how much, but they are threatening to expose it in early February if they’re not paid an unspecified ransom. The ministry’s press office has told reporters that it is aware of the claim and that an investigation has been launched.

Individual Impact: No specifics about consumer/employee PII or financial data loss were available at press time.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business Cybercriminals have been having a field day going after government agencies, a problem that is only growing worse.

ID Agent to the Rescue Get an in-depth look at how ransomware is evolving and who profits from it in our hit eBook Ransomware ExposedGET THIS EBOOK>>    


Belarus – Belarusian Railways

https://therecord.media/cyber-partisans-hacktivists-claim-credit-for-cyberattack-on-belarusian-railways/ 

Exploit: Hacking

Belarusian Railways: Rail Transportation Authority

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.806 = Severe

As tensions mount in Eastern Europe, the hacktivist group “ Cyber Partisans” announced on Twitter that they had disrupted networks and databases related to the national rail system in Belarus on January 31, 2022. The group demanded the release of political prisoners and a guarantee preventing the use of railway transportation infrastructure to support Russian troop movements. The railroad’s website appears to confirm that online resources and systems related to issuing electronic tickets are not operational. No further details of the incident were available at press time.

Individual Impact: No specifics about consumer/employee PII or financial data loss were available at press time.

Customers Impacted:

How it Could Affect Your Customers’ Business International tensions are rising, creating more opportunities for activism and nation-state cybercrime.

ID Agent to the Rescue Phishing is the gateway to ransomware, a common weapon of nation-state cybercrime. Our eBook The Phish Files can help you gain a strategic edge to defend your clients against phishing. GET THE BOOK>>   


Just getting started in cybersecurity? This resource bundle will help you get up to speed to protect your clients fast! GET IT>>



South Africa – Curo Fund Services

https://mybroadband.co.za/news/security/432056-ransomware-attack-took-down-r2-trillion-investment-company-for-five-days.html 

Exploit: Ransomware

Curo Fund Services: Financial Services

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.621 = Severe

Curo Fund Services, South Africa’s biggest provider of investment administration services, was the victim of a ransomware attack that left the company unable to access its systems for five days. The company assured clients that no money was at risk and their sensitive data was not in jeopardy. The attack prevented Curo’s clients from processing investment-related instructions or offering other services through the company’s platform. The incident is under investigation.  

Individual Impact: No specifics about any consumer/employee PII or financial data loss were available at press time.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business The financial sector has been a huge target for ransomware groups, from De Fi platforms to investment banking houses, and companies should be very cautious.

ID Agent to the Rescue Take a crash course in ransomware including today’s biggest threats and how to defend your clients against them with our Deep Dive Into Ransomware Resource Bundle. GET THE BUNDLE>>


Our partners typically realize ROI in 30 days or less. See why nearly 4,000 MSPs in 30 countries choose to grow with ID AGENT solutions and support. BECOME A PARTNER>>



Singapore – Delta Electronics 

https://thestack.technology/delta-electronics-ransomware-attack/?amp=1

Exploit: Ransomware

Delta Electronics: Computer Hardware Manufacturing 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.771 = Severe

Delta Electronics has disclosed that it was the victim of a ransomware attack. The company, a supplier of power management products for Dell and HP, says that they are experiencing technical difficulties that have been limited to non-critical networks. Reports say that customer support and service sites for the US and EMEA clients were unavailable for about 10 days after the attack. An unnamed threat actor has claimed responsibility.  

Individual Impact: No specifics about any consumer/employee PII or financial data loss were available at press time.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business Epic supply chain problems have manufacturers under stress, and cybercriminals love to take advantage of a bad situation.

ID Agent to the Rescue Capitalize on this trend with amazing marketing that gets your message out to companies at risk with the tools and tips in our eBook 5 Ways to Make Marketing Magic. GET IT NOW>>   



1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.


Zero Trust security is a piece of cake when you’re sure you’re giving access to the right people at the right levels. SEE HOW TO DO IT>>



Go Inside the Ink to see how today’s biggest threats can impact your MSP and your customers in our blog.


Don’t miss The Week in Breach feature story, a blog exclusive!
This week:
Get fresh insight into selling your clients on security awareness training with the new BullPhish ID! READ IT>>
Catch up from last week: Get a breakdown of 2021 data breaches including how they happened & who is in danger now. READ IT>>


Take a deep dive into ransomware and learn to protect your clients affordably with this resource bundle! GET IT>>



Use These Tools to Increase Your MRR!

Get to know the NEW BullPhish ID in our Quarterly Product Update webinar and see how it makes security awareness training a serious profit center! WATCH NOW>>

How to Turn Compromised Credentials into Your Biggest Moneymaker – This webinar demonstrates how the power of dark web search closes more deals fast. WATCH NOW>>

The Guide to Reducing Insider Risk – Find everything you need to know about detecting and eliminating insider risks of every type. DOWNLOAD NOW>>

Did you miss this? Help your clients build a strong security culture by sending them this checklist! DOWNLOAD IT>>


See how cyber insurance is changing and how to protect your clients from trouble. WATCH NOW>>



a yellow post it note with a password to show security upgrades from automated password resets

Selling Your Clients on Security Awareness Training 


6 Points to Hammer Home


Businesses of every size in every industry are facing more cybersecurity risk and pressure than ever before. Every day, their employees are being inundated with cyberattack threats, and just one misclick could be the start of an expensive, devastating nightmare. That means that teaching employees how to avoid those threats and maintain good security hygiene should be a top priority.  


The Guide to Reducing Insider Risk can help IT pros stop security incidents before they start! GET IT>>


Training Neglect is Real


But all too often, it is not, and it can be challenging to explain to clients why they are making a mistake by neglecting security awareness training. A survey of IT professionals showed that while over 95% of them said that their companies had security awareness training programs, only 30% of them said that employees had actually completed any training. That’s coming back to haunt them.  

There’s plenty of opportunity for MSPs to build their security business and increase their MRR by offering comprehensive security awareness training. Findings recently released in the  2021 Data Security Report by GetApp illustrate the possibilities: 


Go deep into the cybercrime underworld in “Hacker Hotbeds and Malicious Marketplaces” WATCH THIS WEBINAR>>


6 Data Points That Show Customers the Value of Security Awareness Training


However, customers may have trouble seeing the value of less concrete security tools like a security awareness training program, especially non-tech savvy decision-makers who are focused on the bottom line instead of cybersecurity risk. These six data points may help you demonstrate to your customers that when companies are looking to make short and long-term improvements in security affordably, security awareness training is the perfect place to turn a small investment into a major security upgrade.  

It Prevents Phishing, Their #1 Data Breach Risk 

Security awareness training is proven to improve employees’ ability to detect phishing if it is carried out regularly. Researchers in a UK phishing simulation study discovered that the improvement is fast and significant. At the beginning of the study, 40 – 60% of the employees surveyed were likely to open malicious links or attachments. But after about 6 months of security awareness training, the percentage of employees who took the bait in every industry dropped 20% to 25% – and after 3 to 6 months of more security awareness training, the percentage of employees who opened phishing messages plummeted to only 10% to 18%.    

To Get Everyone on the Security Team  

Chances are that their employees who aren’t directly in IT don’t even know that they’re supposed to worry about cybersecurity and that is an enormous danger for their employers. Here’s a shocker: 45% of respondents in a HIPAA Journal survey said that they don’t need to worry about cybersecurity safeguards because they don’t work in the IT department. That’s a recipe for disaster in any business. Employees are the number one vector for a company to have a security problem. Negligent employees create over 60% of security incidents. Security awareness training makes sure that every employee understands that they are responsible for maintaining security or damaging it through their actions. 

They’ll See Immediate Security Improvements 

Here’s an example of a direct, easy-to-understand improvement: security awareness training helps reduce the chance that bad actors will obtain or crack a company’s passwords. Password misuse, hacking or theft is the second most common way that companies have a data breach. It was the culprit in an estimated 60% of data breaches in 2021. In a study of employee password generation and handling behaviors, researchers determined that security awareness training improved overall password security by an estimated 30 – 50%.   


remote workers pose a cryptocurrency risk

Solve five of the most exhausting remote and hybrid security problems fast with this handy infographic! DOWNLOAD IT>>


Security Awareness Training Has a High ROI 

Security awareness training is a smart investment that packs a lot of bang for the buck. It’s a small outlay with little upfront cost that offers an excellent ROI. Small and mid-sized businesses (SMBs) get an ROI of 69% and larger organizations see an ROI of 562%. Plus, it provides ROI by enhancing a company’s cyber resilience, making them less likely to be crippled by a cyberattack. Cyber resilience is an important asset for companies to build in today’s ransomware-heavy cyberattack landscape. No company wants to be completely hamstrung by a cyberattack, losing time and money because no one can work. 84% of leading organizations in the IBM Cyber Resilient Organization Study 2021 cite security awareness training as a key building block of cyber resilience.  

If There is an Incident, It Will Cost Less 

Security incidents are punishingly expensive, but security awareness training chops incident costs in half. The cost of phishing attacks has almost quadrupled over the past six years, with large US companies losing an average of $14.8 million annually (or $1,500 per employee) to phishing. Security awareness training reduces the cost of phishing by more than 50%. Even a modest investment in security awareness and training will do the trick. Any investment in security awareness training has a 72% chance of significantly reducing the business impact of a cyberattack. 

It Helps Avoid Expensive Compliance Failures

Being proactive about meeting security awareness training requirements can save companies a fortune. With regulations growing more complex in the wake of public pressure following the Colonial Pipeline incident, there’s been a blizzard of regulatory activity around the world that impacts organizations in many industries. By implementing security awareness training programs now, organizations can reduce their chance of experiencing a security incident that could jeopardize their compliance status. Companies that engage in regular security awareness training have 70% fewer security incidents

The NEW BullPhish ID Makes Providing Security Awareness Training Easy 

In a report from consulting giant Accenture detailing the characteristics of a cyber resilient organization, researchers place the ideal number of training courses for employees each year at 11, or just a little under one per month – and BullPhish ID is perfect for painlessly administering an effective security awareness training program. 

You asked and we delivered: We’ve made BullPhish ID a dynamic stand-alone solution for security awareness training. BullPhish ID also boasts an array of fresh features and functions that make the training experience better for trainees and IT professionals that are tasked with running it. You’ll love:  

 New Training Content   

  • 15 new, up-to-date training videos on a variety of security and compliance topics including passwords, ransomware HIPAA compliance and more have been recently added to the platform.    
  • 8 new phishing kits have also been added to keep up with the latest threats. The kits are customizable and can be modified by customers to suit their clients’ needs.  
  • More new training content around risks and compliance is added every month! 

New How-To Videos (Coming Soon)   

  • Brief in-product video tutorials will provide helpful instructions for commonly used product features.  
  • Several new self-help videos will come out every quarter to help you take full advantage of the BullPhish ID features. 

New Reporting Module   

  • Easily track and show progress with easy-to-read monthly and quarterly performance reports that can be accessed anytime.  
  • Choose automated reporting and have those performance reports created and delivered to designated recipients automatically. 

See how BullPhish ID can help you make more money this year with a personalized demo. BOOK IT>> 


Feb 09 – Phish & Chips EMEA REGISTER NOW>>

Feb 15 – Customer Spotlight with CloudTech 24 (EMEA) REGISTER NOW>>

Feb 15 – Lunch & Learn: BullPhish ID Security Awareness Training & Phishing Simulation REGISTER NOW>>

Jun 20-23 – Connect IT Global in Las Vegas REGISTER NOW>>  



Security Awareness Training is the Real MVP 


It’s a dangerous world out there for businesses. Are you looking for ways to increase your company’s information security without increasing your tech budget? Security awareness training is the answer.  

Every day, your employees are being inundated with cyberattack threats, and just one misclick could be the start of an expensive, devastating nightmare. But security awareness training reduces the chance of your company experiencing a cybersecurity incident by up to 70%. 

Security awareness training is the key to strengthening your company’s security in the short and long term without breaking the bank, and when it comes to ROI for security tools, it’s almost unbeatable. You can even automate training to make it painless for everyone. Don’t wait to make this excellent investment!  


Do you have comments? Requests? News tips? Compliments? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.

ID Agent Partners: Feel free to reuse this post (in part or in its entirety) When you get a chance, email pr@kaseya.com to let us know how our content works for you!


let us help secure you against passwords reuse with contact information and the ID Agent logo on grey.

Our Partners typically realize ROI in 30 days or less. Contact us today to learn why 3,850 MSPs in 30+ countries choose to Partner with ID Agent!

LEARN MORE>>


Is your password compromised? Find out in seconds!

USE OUR PASSWORD COMPROMISE CHECKER>>


Book your demo of Dark Web ID, BullPhish ID and Passly now!

SCHEDULE IT NOW>>